An executive of Target Corp. said Tuesday the retailer has taken actions to shore up security after the massive breach of millions of consumers’ data during the holiday season.
But senators examining the issue at a hearing said even the most robust security systems can be vulnerable to cyberattack, and only the adoption by banks and retailers of more-advanced technology for payment cards and processing systems will reduce fraud.
The Senate Judiciary Committee testimony by John Mulligan, executive vice president and chief financial officer at the No. 2 U.S. discounter, also revealed that Target discovered an additional 25 cash registers infected by malicious software Dec. 18. The company had said earlier that it had removed all the malware from its system by Dec. 15.
Mulligan’s testimony was the first public appearance by a Target executive addressing the issue since the breach that occurred between Nov. 27 and mid-December. An estimated 40 million credit and debit card accounts were affected.
Among the actions the Minneapolis-based company has taken, he said, is a thorough review of its payment network with an eye to improving security, and issuing new credit or debit cards to customers requesting them.
Mulligan said Target is “deeply sorry” for the effect of the data theft on consumers, and he acknowledged that their confidence in the company has been shaken.
Sen. Patrick Leahy, D-Vt., the panel’s chairman, said the erosion of consumers’ confidence — with data breaches on the rise affecting retailers, Internet companies and others — could hinder the U.S. economy’s recovery.
The recent data hackings at Target, luxury retailer Neiman Marcus and arts-and-crafts chain Michaels Stores “compromised the privacy and security of millions of consumers,” Leahy said.